Home > Storage > PowerScale (Isilon) > Product Documentation > Security and Compliance > Dell PowerScale OneFS: Security Considerations > Maintain a vulnerability management program
The third pair of requirements focuses on securing systems and applications while protecting against malicious software.
Protecting the network and all devices against all forms of malware is important. If an IT environment is not protected, system vulnerabilities may be exposed. Anti-virus software is recommended for all systems to protect against threats, paired with additional anti-malware solutions as required.
PowerScale OneFS provides two options for anti-virus protection. The first solution supports the Internet Content Adaptation Protocol (ICAP) standard, ensuring that all anti-virus software with the ICAP standard is supported. For more information about configuring ICAP servers and an anti-virus overview in OneFS, see the OneFS Web Administration Guide for the relevant OneFS release at PowerScale Info Hubs.
In addition to ICAP, the other anti-virus option is the Common Anti-Virus Agent (CAVA) solution. CAVA provides better performance than the ICAP option, using a Microsoft Windows server and third-party anti-virus software through the Dell Common Event Enabler (CEE), as shown in the following figure.
Both ICAP and CAVA offer on-access scanning, anti-virus policy scanning, and individual file scanning.
The other requirements in this section mention behavior analysis and protection from phishing attacks. For cluster monitoring, Dell CloudIQ is recommended. Further, Superna provides various security-focused applications, including cyber protection and Ransomware defender, for PowerScale clusters, as described in Superna security applicationsSuperna security applications.
For cluster auditing, see the File System Auditing with Dell PowerScale and Dell Common Event Enabler white paper. The PowerScale OneFS SDK allows administrators to provision a custom application to configure, manage, and monitor cluster activity.
Security vulnerabilities in any system are an open door for allowing access to unauthorized individuals. Shielding systems from security vulnerabilities is usually a process of updating to a current software release or installing a security patch depending on the vendor. Ensure that all systems are continuously monitored for security vulnerabilities and apply updates to resolve any open vulnerabilities.
PowerScale provides patches for any open security vulnerabilities. For more information about the PowerScale OneFS software release frequency, see the PowerScale Software Release and Patching Strategy white paper. Additionally, monitor security advisories for PowerScale on Dell Support at Security Advisories and Notices.
The configuration of the other requirements in this section is outside the scope of the PowerScale cluster.